methods MIT 7 versions

methods

npm Repository Homepage

HTTP methods that node supports

Versions

MIT

License

Install Scripts

Missing

Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

tjholowaychukjonathanongjongleberrydougwilson

Keywords

httpmethods

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
provenance	publisher-changed	AI (provenance): dougwilson is a well-known jshttp org maintainer and listed contributor; transition from jongleberry is a documented legitimate handoff within the jshttp organization.	ai	2026/04/21
maintainer-change	maintainer-added	AI (maintainer-change): dougwilson is a core jshttp maintainer with a strong track record; addition is a legitimate org-level maintainer transition.	ai	2026/04/21
publish-pattern	dormant-publish	AI (publish-pattern): Package is a stable, minimal HTTP methods utility; dormancy is expected. Publish aligns with legitimate maintenance by a known trusted maintainer.	ai	2026/04/21

Versions (showing 7 of 7)

Version	Deps	Published
1.1.2	0 / 2	2016-01-18
1.1.1	0 / 2	2014-12-30
1.1.0	0 / 1	2014-07-06
1.0.1	0 / 1	2014-06-02
1.0.0	0 / 1	2014-05-08
0.1.0	0 / 0	2013-10-28
0.0.1	0 / 0	2012-06-26